Akonix predicts 2007 IM security drivers

Organizations will face a number of factors in 2007 that will converge to force them to more fully address their instant messaging (IM) security and compliance practices, predicted the IM security firm Akonix last week.

The company predicted five major drivers this year will spur companies to quit ignoring IM management and security.

“The underlying principle is that the use of IM in a corporate setting is on the rise—both formally and informally,” Peter Shaw, CEO of Akonix, told SCMagazine.com. “Companies need to make sure that they understand that IM is a piece of their landscape and they need to put the proper safeguards in place so they can stay in compliance.”

Shaw and his colleagues predict that IM will continue to come under attack by hackers. Akonix expects 2007 to show at least as much as the 92 percent annual growth rates seen in 2006 from these types of malicious threats.

But of even greater concern for many organizations are concerns on the legal front. One of the largest factors at play this year are the new rules on e-discovery that became effective last month, Shaw said. These new regulations put IM on par with email and other forms of discoverable evidence during litigation, making it necessary for organizations to know about and keep track of all messages sent among employees.

Hitting even closer to home for some organizations will be a dramatic increase this year in legal actions against organizations for hostile workplace and sexual harassment claims occurring through inappropriate use of IM at work, Shaw predicted. In a recent survey, the company found that nearly one-third of respondents were harassed or threatened through IM in the workplace.

The final threat-related prediction by Shaw and his team was that 2007 will also see the rise of corporate espionage through IM. This partially is a result of the maturation of email best practices, leaving less mature IM security as lower-hanging fruit, he said.

“Many IT departments have done a very good job containing the information flow,” he said. “So someone that wants to get around email rules, the obvious vector now is IM.”

All four of these factors will combine as convincing evidence to many organization that it is time to put better infrastructure in place to control IM in the workplace.

“There will be a lot of drivers to implement infrastructure that deals with employee use of instant messaging,” Shaw said. “There needs to be infrastructure to make sure the hackers don’t get in through instant messaging, that the internal guys don’t leak information out, that there is infrastructure in place for when the regulators come around so that messages can be quickly retrieved and the kind of records they require can be kept. All of these drivers are going to require corporations to implement more infrastructure that will help manage their employees’ use of IM.”

The final prediction made by Akonix is that in 2007, organizations will also find better ways to leverage IM management tools to improve workflow within organizations. Particularly useful is the ability to know when users are at their desks and to be able to automatically distribute information and duties based on this information.

“Incorporating that kind of information into existing applications will have significant benefits,” Shaw said.